Bauke Brenninkmeijer
AI Research Engineer at orq.ai, where I build systems that make LLM agents observable and improvable — trace analysis, clustering, failure taxonomies, evaluation. Recently published work on red teaming AI agents: a capability-aware framework for finding security vulnerabilities in tool-using agents before attackers do.
Previously spent 5 years at ING and ABN AMRO shipping ML into production, and before that, startups where every hat was mine. I co-organize the MLOps Community Amsterdam meetup.
Find me to talk about LLM evaluation, agent security, or why production is where the interesting problems live.
Session
LLM agents are reaching production faster than teams can evaluate them. A data-analysis agent that runs the right query but reports the wrong number, or returns the right number via a trajectory full of fabricated tool calls, passes superficial testing and fails in production.
This talk walks through evaluating such an agent end-to-end. Our running example: a data-analysis agent answering questions over a business dataset. We show how to grade three dimensions that agent evaluation requires and single-shot LLM evaluation ignores: final response, trajectory, and state changes.
We cover the full lifecycle:
- Bootstrapping evaluation from 50 hand-reviewed examples when you have no labels.
- Aligning an LLM-as-a-judge to human judgment with the same rigor you'd apply to outsourced annotators: dev/test splits, inter-rater agreement, Cohen's kappa.
- Scaling to continuous online evaluation with CI integration, error analysis, and prompt optimization driven by natural-language feedback.
We also cover what we got wrong in earlier iterations and what we'd do differently today.
Attendees will leave with a process they can run on their own agent next week, and a clear rule for when to trust an automated judge at scale, and when to stop.